China leads in govt-backed exploitation of zero-day bugs: Google report

Representation image


China continues to lead the way for government-backed exploitation of zero-day vulnerabilities and the cyber espionage groups in the country exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022, a Google report said on Wednesday.

A zero-day bug is a vulnerability in a system or device that has been disclosed but is not yet patched.

In 2023, Google observed 97 zero-day vulnerabilities exploited in-the-wild.

That’s over 50 per cent more than in 2022, but still shy of 2021’s record of 106, according to the report by Google’s Threat Analysis Group (TAG) and cyber-security firm Mandiant.

“Attackers are now shifting focus to third-party components and libraries in 2023. Zero-day vulnerabilities in third-party components and libraries were a prime attack surface in 2023, since exploiting this type of vulnerability can scale to affect more than one product,” said James Sadowski, Principal Analyst, Mandiant Intelligence.

The team observed an increase in adversary exploitation of enterprise-specific technologies in 2023, with a 64 per cent increase in the total number of vulnerabilities from the previous year and a general increase in the number of enterprise vendors targeted since at least 2019.

Exploitation associated with financially motivated actors proportionally decreased last year.

“Financially motivated actors accounted for 10 zero-day vulnerabilities exploited in 2023, a lower proportion of the total than what we observed in 2022,” said the Google report.

Organisations need to build defensive strategies that prioritise threats that are most likely to cause damage to themselves and others, it added.